GoDaddy Multi-Year Security Breach

Photo by: Mikhail Nilov

Hosting giant GoDaddy has disclosed a multi-year security breach that has compromised customer security and may cause infection of websites. This is a noteworthy concern, as the company acts as a hosting service for 20 million customers worldwide.

The first breach was reported in November of 2019. Since then, the company has reported two other breaches. The latest threat, carried out by an as-yet-unidentified party, has resulted in complaints from customers of redirects to malicious sites. These sites could infect sites with phishing attacks and malware.

Extent of Compromised Data

GoDaddy has reported that this multi-year security breach was conducted by a sophisticated threat actor group. The company has begun working with external cybersecurity forensics teams and international law enforcement agencies. These actions have resulted in a continued investigation, which has led to the discovery that other web hosting companies have also been targeted.

In the latest series of discoveries, GoDaddy reported that customers' websites were occasionally being redirected due to a breach in the company's shared hosting environment, where malware had been installed into service source code.

In 2020, the login credentials for 28,000 customers were compromised. In a breach reported in November 2021, attackers gained access to a WordPress-linked provisioning system and compromised passwords for WordPress site admins. WordPress is a website builder and content management system. This allowed the attackers to access customer websites and install malware. The 2021 attack affected around 1.2 million customers.

GoDaddy has forced a reset of WordPress passwords and private keys. It has also begun issuing new SSL certificates. Information concerning these breaches was submitted to the United States Securities and Exchange Commission (SEC), outlining the occurrence of service interruptions and security breaches and the remediation actions taken.

The Importance of Information Security Management Systems

Organizations, both public and private, face a growing threat of data breach. Many of these attacks are being funded by nation-states intent on the theft of proprietary information and the disruption of business continuity. Cybercriminals target companies handling valuable information. These threats to the confidentiality, availability, and integrity of data can result in the complete collapse of a business.

Threats from cyber incidents are not only targeted at conventional databases but also at infrastructure and manufacturing processes that use digital technologies. In fact, every new technology introduced to an organization presents an entry point for a cybercrime to occur.

While the effective implementation of cybersecurity software solutions and security controls is essential, they can easily be compromised by lax physical plant security or by members of a remote workforce failing to employ security practices. That is why policies, procedures, and training are required for effective risk management.

While there are a variety of systems that specify security controls, such as NIST SP 800-53 and CMMC, they do not incorporate effective risk management or process improvement. For those industries that must comply with these standards, an ISMS can greatly facilitate meeting these regulatory requirements.

CVG Strategy ISMS Solutions

As the GoDaddy multi-year security breach illustrates, businesses worldwide are under attack from players that are well funded and very focused on compromising proprietary data.  CVG Strategy can help you attain an ISO 27001 certification.  This can help you demonstrate a commitment to data security through an internationally recognized process. IT solutions alone are not sufficient to combat these forces. 

Viable solutions include all stakeholders in an enterprise.  They include people, policies, procedures, risk analysis, incident responses, and an internal auditing process that yields constant improvement.

CVG Strategy provides cybersecurity consulting and training for large and small organizations. Our experts can tailor a program using a risk management process to identify information assets and interested parties. We can create the documentation and provide the essential training to establish your ISMS and guide you through certification audits.

CVG Strategy also provides consulting services for NIST 800-171 and CMMC Certification for those businesses and institutions providing services to the Department of Defense and other government agencies.

Kevin Gholston
